=========================================================================
| README for OCaml-safepass						|
|									|
| Dario Teixeira (dario.teixeira@yahoo.com)				|
| October 2012								|
=========================================================================

1. Overview
===========

OCaml-safepass is a library offering facilities for the safe storage of
user passwords.  By "safe" we mean that passwords are salted and hashed
using the Bcrypt algorithm [1].  Salting prevents rainbow-table based
attacks [2], whereas hashing by a very time-consuming algorithm such as
Bcrypt renders brute-force password cracking impractical.

OCaml-safepass's obvious usage domain are web applications, though it
does not depend on any particular framework.  Internally, OCaml-safepass
binds to the C routines from Openwall's Crypt_blowfish [3].  However,
it would be incorrect to describe OCaml-safepass as an OCaml binding
to Crypt_blowfish, because the API it exposes is higher-level and more
compact than that offered by Crypt_blowfish.  Moreover, OCaml-safepass's
API takes advantage of OCaml's type-system to make usage mistakes nearly
impossible.


2. Dependencies
===============

OCaml-safepass has no external dependencies.  Note that it bundles
the Public Domain licensed 'crypt_blowfish.h' and 'crypt_blowfish.c'
C modules from Openwall's Crypt_blowfish.


3. Building and installing
==========================

OCaml-safepass uses OASIS.  Building and installing follows the costumary
'configure', 'make', and 'make install' sequence.  To generate the ocamldoc
API documentation, use 'make doc'.


4. License
==========

OCaml-safepass is distributed under the terms of the GNU LGPL version 2 with
the usual OCaml linking exception.  See LICENSE file for full license text.


References
==========

[1] http://en.wikipedia.org/wiki/Bcrypt
[2] http://en.wikipedia.org/wiki/Rainbow_table
[3] http://www.openwall.com/crypt/

